<?xml version="1.0" encoding="UTF-8"?>
<sc:item xmlns:sc="http://www.utc.fr/ics/scenari/v3/core">
	<dk:section xmlns:dk="kelis.fr:dokiel" xmlns:sc="http://www.utc.fr/ics/scenari/v3/core" xmlns:sp="http://www.utc.fr/ics/scenari/v3/primitive">
		<dk:title>
			<sc:fullTitle>System settings</sc:fullTitle>
		</dk:title>
		<sp:content>
			<dk:content>
				<sp:infobloc>
					<dk:flowAll>
						<sp:txt>
							<dk:text>
								<sc:para sc:id="t26">One of the most important aspects of running a Cyber Café is keeping the workstations running smoothly, keeping complete control over the usage that customers have of them. This automatically entails locking down certain aspects of Windows, forbidding access to certain administrative tools (like the task manager), or to certain functions (like chaging the date &amp; time of the workstations).</sc:para>
								<sc:para sc:id="t27">Cybera can help in locking down the users rights of the workstations and, provided that the Cyber Café computers are set up correctly, should provide a secure and safe environment. The folowing system and windows user settings must be met :</sc:para>
							</dk:text>
						</sp:txt>
					</dk:flowAll>
				</sp:infobloc>
				<sp:op>
					<dk:stepList>
						<dk:sTitle>
							<sc:fullTitle>Disable &quot;Simple file sharing&quot;</sc:fullTitle>
						</dk:sTitle>
						<sp:desc>
							<dk:text>
								<sc:para sc:id="t23">
									<sc:inlineStyle role="emphasis">Under WinXP Pro you must disable 'Simple file sharing' on both the server and the workstations.</sc:inlineStyle> This is a system-wide setting that can only be changed by an administrator. This can be checked by opening Explorer, then under menu &quot;<sc:textLeaf role="menuPath" sc:id="t59">Tools</sc:textLeaf>&quot; > &quot;<sc:textLeaf role="menuPath" sc:id="t60">Folder Options...</sc:textLeaf>&quot; open the &quot;<sc:textLeaf role="term" sc:id="t61">View</sc:textLeaf>&quot; tab, It is one of the last &quot;<sc:textLeaf role="term" sc:id="t62">Advanced</sc:textLeaf>&quot; settings.</sc:para>
							</dk:text>
						</sp:desc>
					</dk:stepList>
				</sp:op>
				<sp:op>
					<dk:stepList>
						<dk:sTitle>
							<sc:fullTitle>Enable remote registry service</sc:fullTitle>
						</dk:sTitle>
						<sp:desc>
							<dk:text>
								<sc:para sc:id="t24">
									<sc:inlineStyle role="emphasis">The remote registry service must be running on both the server and the workstations</sc:inlineStyle> in order for user rights lockdown to work. Under &quot;<sc:textLeaf role="term" sc:id="t63">Administrative tools</sc:textLeaf>&quot; in the Control panel, open &quot;<sc:textLeaf role="term" sc:id="t64">Services</sc:textLeaf>&quot; and make sure the remote registry service is set to be started automatically.</sc:para>
							</dk:text>
						</sp:desc>
					</dk:stepList>
				</sp:op>
				<sp:op>
					<dk:stepList>
						<dk:sTitle>
							<sc:fullTitle>Configure WinXP SP2 firewall</sc:fullTitle>
						</dk:sTitle>
						<sp:desc>
							<dk:text>
								<sc:para sc:id="t29">Under WinXP SP2 it seems that when a computer is not sharing any resource (folder, printer etc) the remote access ports are blocked by the built-in WinXP SP2 firewall. </sc:para>
								<sc:para sc:id="t30">In order to allow remote access to your workstation (and therefore user rights lockdown) you either need to make sure that the &quot;<sc:textLeaf role="textCheckBox" sc:id="t65">File and printer sharing</sc:textLeaf>&quot; Exception is checked in the Windows firewall settings (<sc:textLeaf role="term" sc:id="t66">Exceptions</sc:textLeaf> tab) or simply deactivate the Windows firewall on all Workstations. For people using third party firewalls, the port that is used by Cybera for remote user rights lockdown is TCP 139. </sc:para>
							</dk:text>
						</sp:desc>
					</dk:stepList>
				</sp:op>
			</dk:content>
		</sp:content>
	</dk:section>
</sc:item>